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- 77)e MAILING DATE of this communication appears on the cover sheet with the correspondence address-- 

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1 . [3 This communication is responsive to 29 October 2007 and 20 July 2007 . 

2. S The allowed claim(s) is/are 11-13.15-19 and 21-25 . 

3. [Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a) □ All b) □ Some* c) □ None of the: 

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE 

4. El SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. EJDRRECTED DRA WINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1 ) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 

6. [QEPOS IT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 
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1. □ Notice of References Cited (PTO-892) 

2. □ Notice of Draftperson's Patent Drawing Review (PTO-948) 

3. □ Information Disclosure Statements (PTO/SB/08), 

Paper No./Mail Date 

4. □ Examiner's Comment Regarding Requirement for Deposit 

of Biological Material 



5. □ Notice of Informal Patent Application 

6. □ Interview Summary (PTO-413), 

Paper No./Mail Date . 
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9. □ Other . 
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DETAILED ACTION 

1 . The Applicant's amendment, filed 20 July 2007, has been received and entered 
into the record, respectfully and carefully considered. 

2. As a result of the amendment, claims 1-3 are canceled and claims 4, 1 1, 17, 21- 
25 are amended. Therefore, claims 4-25 are pending in this application. 

3 . Applicant's election of Species II (Claims 1 1-25) in the reply filed on 29 October, 
2007 is acknowledged. However, after careful consideration and in view of Applicant's 
20 July 2007 remark "Claim 4 is a system claim similar to claim 1-1" (see page 11), the 
examiner withdraws the Election/Restriction requirement. Therefore, claims 4-25 have 
been examined. 

Claim Objections 

4. As a result of the amendment to the claims, the examiner withdraws the pending 
claim objection. 

Claim Rejections - 35 USC §112 

5. As a result of the amendments to the claims, the examiner withdraws the 
pending claim rejection under 35 U.S.C. § 1 12. 

Claim Rejections - 35 USC § 101 

6. As a result of the amendments to the claims 17-20, the examiner withdraws the 
pending claim rejection under 35 U.S.C. § 101. 
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7. As a result of the examiner's amendment to the claims 4-1 0 and 21 -25, the 
examiner withdraws the pending claim rejection under 35 U.S.C. § 101 . 

EXAMINEES AMENDMENT 

8. An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. Authorization for this examiner's 
amendment was given in a telephone interview with Mr. Gregory Lunt (Registration No. 
47,973) on 18 January 2008. The amendments are to cancel broad claims, overcome 
minor informalities and 101 rejection and also add altering feature to the independent 
claims. As per MPEP 713.04, a separate interview summary form is not provided 
because the content of the interview has been summarized herein. 

The application has been amended as follows: 
IN THE CLAIMS: 

Claims 4-10, 14 and 20 (Cancelled) 

1 1 . (Currently Amended) At a super authority connected to a network environment, an 
assigned authenticating authority and one or more other authenticating authorities also 
being connected to the network environment, each authenticating authority configured 
to authenticate of subset of principals that access the network environment through 
different domains, a method of controlling authentication of pr i nc i pa l s a principal for 
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access to network resources in a the network environment, wherein the principal's 
account identifier is configured for authentication at an authenticating authority from 
among the assigned authenticating authority and the one or more other authenticating 
authorities, the method comprising: 

receiving at the super authority a request for an authenticating authority 
resolution from an authenticating authority that is not authorized to authenticate the 
principal, wherein the request comprises an account ID of a the principal to be 
authenticated, the account ID including an individual identifier and a domain identifier; 

accessing an assignment mapping that maps each account ID in a plurality of 
account IDs to a corresponding plurality of authenticating authorities that are authorized 
to authenticate the account ID, the account ID including an individual identifier and a 
domain identifier, the account ID being used to identify comprising the identity of the 
principal; 

locating within the mapping an identity of an assigned authenticating authority 
from among the one or more authenticating authorities that corresponds to the 
individual identifier and domain identifier in the account ID of the principal to be 
authenticated; arel 

causing an authentication request to be transmitted to the assigned 
authenticating authority located from among the one or more other authenticating 
authorities, the assigned authenticating authority having been located using the 
principal's individual identifier and domain identifiers in the principal's account ID, 
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wherein the request asks the assigned authenticating authority to authenticate the 
principal; 

altering the assignment mapping whereby an account ID previously mapped to a 
first authenticating authority is remapped to a second authenticating authority . 

17. (Currently Amended) At a super authority connected to a network environment, an 
assigned authenticating authority and one or more other authenticating authorities also 
being connected to the network environment, each authenticating authority configured 
to authenticate of subset of principals that access the network environment through 
different domains, an apparatus for controlling authentication of pr i ncip al s a principal for 
access to network resources in a the network environment, wherein the principal's 
account identifier is configured for authentication at an authenticating authority from 
among the assigned authenticating authority and the one or more other authenticating 
authorities, the apparatus comprising: 

means for receiving at the super authority a request for an authenticating 
authority resolution from an authenticating authority that is not authorized to 
authenticate the principal, wherein the request comprises an account ID of a the 
principal to be authenticated, the account ID including an individual identifier and a 
domain identifier; 

means for accessing an assignment mapping that maps each account ID in a 
plurality of account IDs to a corresponding plurality of authenticating authorities that are 
authorized_to authenticate the account ID, the account ID including an individual 
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identifier and a domain identifier, the account ID being used to identify comprising the 
identity of the principal; 

means for locating within the mapping an identity of an assigned 
authenticating authority from among the one or more authenticating authorities that 
corresponds to the individual identifier and domain identifier in the account ID of the 
principal to be authenticated; and 

means for causing an authentication request to be transmitted to the assigned 
authenticating authority located from among the one or more other authenticating 
authorities, the assigned authenticating authority having been located using the 
principal's individual identifier and domain identifiers in the principal's account ID, 
wherein the request asks the assigned authenticating authority to authenticate the 
principal; 

means for altering the assignment mapping whereby an account ID previously 
mapped to a first authenticating authority is remapped to a second authenticating 
authority. 

Claim 21 (Currently Amended) At a super authority connected to a network 
environment, an assigned authenticating authority and one or more other authenticating 
authorities also being connected to the network environment, each authenticating 
authority configured to authenticate of subset of principals that access the network 
environment through different domains, a phys i ca l , r o cord a bl o typ o computor readab le 
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m e d i um h a v i ng th e r e on comput er e x e cutabl e i nstruct i ons for perform i ng computer 
executable instructions stored in a volatile or non-volatile computer readable medium to 
execute a method of controlling authentication of pr i nc i pa l s a principal for access to 
network resources in a the network environment, wherein the principal's account 
identifier is configured for authentication at an authenticating authority from among the 
assigned authenticating authority and the one or more other authenticating authorities, 
the method comprising the steps of: 

receiving at the super authority a request for an authenticating authority 
resolution from an authenticating authority that is not authorized to authenticate the 
principal, wherein the request comprises an account ID of a the principal to be 
authenticated, the account ID including an individual identifier and a domain identifier; 

accessing an assignment mapping that maps each account ID in a plurality of 
account IDs to a corresponding plurality of authenticating authorities that are authorized 
to authenticate the account ID, the account ID including an individual identifier and a 
domain identifier, the account ID being used to identify comprising the identity of the 
principal; 

locating within the mapping an identity of an assigned authenticating authority 
from among the one or more authenticating authorities that corresponds to the 
individual identifier and domain identifier in the account ID of the principal to be 
authenticated; af*d 

causing an authentication request to be transmitted to the assigned 
authenticating authority located from among the one or more other authenticating 



Application/Control Number: Page 8 

10/667,582 

Art Unit: 2135 

authorities, the assigned authenticating authority having been located using the 
principal's individual identifier and domain identifiers in the principal's account ID, 
wherein the request asks the assigned authenticating authority to authenticate the 
principal; 

altering the assignment mapping whereby an account ID previously mapped to a 
first authenticating authority is remapped to a second authenticating authority . 

22. (Currently Amended) The physical, r e cordable typ e comput e r readabl e m e d i um 
computer executable instructions according to claim 21, wherein each account ID 
comprises a namespace identifier, and wherein the plurality of account IDs comprises at 
least two account IDs having a common namespace identifier, wherein the at least two 
account IDs are mapped to at least two different respective ones of the plurality of 
authenticating authorities via the assignment mapping. 

23. (Currently Amended) The physica l , recordabl e typ e comput e r r e adable medium 
computer executable instructions according to claim 21, wherein each account ID 
comprises a namespace identifier, and wherein the plurality of account IDs comprises at 
least two account IDs having different namespace identifiers, wherein the at least two 
account IDs are mapped to the same one of the plurality of authenticating authorities via 
the assignment mapping. 



24. (Currently Amended) The physical, r e cordab le typ e comput e r readab le m e d i um 
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computer executable instructions according to claim 21 , wherein the assignment 
mapping is based at least in part on the organizational affiliation of principals within an 
entity. 

25. (Currently Amended) The phys i c a l, r e cordab le typ e comput e r re a dab l e m e d i um 

computer executable instructions according to claim 21 , wherein the assignment 

mapping is based at least in part on the geographical location of principals. 

Reason for Allowance 

9. The following is the Examiner's statement of reasons for allowance: Applicant's 
arguments submitted on 20 July 2007 were considered persuasive - the prior art does 
not teach the limitations which have been amended onto independent claims 11,17 and 
21. The closest prior art fails to disclose the features of receiving at the super authority 
a request for an authenticating authority resolution from an authenticating authority that 
is not authorized to authenticate the principal, wherein the request comprises an 
account ID of a principal to be authenticated, the account ID including an individual 
identifier and a domain identifier, accessing an assignment mapping that maps each 
account ID in a plurality of account IDs to a corresponding plurality of authenticating 
authorities that are authorized to authenticate the account ID, and altering the 
assignment mapping whereby an account ID previously mapped to a first authenticating 
authority is remapped to a second authenticating authority. 

The examiner further notes that as per claims 21-25, which was previously 
rejected under 35 USC 101 due to a computer-readable medium can be signal or carrier 
wave. In the examiner's amendment, the examiner amends the claims to "... computer 
executable instructions stored in a volatile or non-volatile computer readable medium to 
execute ". The examiner reviewed the original specification [0019], the Applicant 
discloses "The system memory includes read only memory (ROM) and random access 
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memory (RAM)" and further in specification [0020], the Applicant discloses "The drives 
and their associated computer-readable media provide nonvolatile storage of computer 
readable instructions...". As understood by one of ordinary skill in the art, ROM is a 
hardware non-volatile computer readable medium and RAM is a hardware volatile 
computer readable medium. Thus the examiner's amendment is sufficient to overcome 
the prior 101 rejection. 

Furthermore, in the original specification paragraph [0039], "the Super Authority 
is implemented on a server, and the components of the Super Authority are software 
modules and elements as described generally above with respect to Fig. 1" and in Fig. 1 
is a block diagram generally illustrating a computer device structure in which the present 
invention may be implemented. The elements in Fig. 1 include hardware ROM, RAM, 
Modem, hard disk drive and etc. Additionally, in claims 17-19, "At a super authority 
connected to a network environment and assigned authenticating authority and one or 
more other authenticating authorities also being connected to the network environment" 
is being recited. To a person with ordinary skill in the art, in order to be connected to a 
network environment, there must be hardware elements involved. Thus, claims 17-19 
are statutory. 



Allowable Subject Matter 

10. Claims 11-13, 15-19 and 21-25 are allowed. 
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Contact Information 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to April Y. Shan whose telephone number is (571 ) 270- 
1014. The examiner can normally be reached on Monday - Friday, 8:00 a.m. - 5:00 
p.m., EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y. Vu can be reached on (571) 272-3859. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



18 January 2008 
AYS 





